Back to skill
Skillv1.2.0
VirusTotal security
Binance Dca · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
BenignApr 28, 2026, 3:25 AM
- Hash
- 946c84c5a35fc6d9fd9234e6fa8c796fb8d9dc51e590fd44c11eb72d1c95cfb0
- Source
- palm
- Verdict
- benign
- Code Insight
- Type: OpenClaw Skill Name: Developer: Version: Description: OpenClaw Agent Skill Suspicious High-Entropy/Eval files: 1 The OpenClaw AgentSkills skill bundle for Binance DCA is classified as benign. The skill's core purpose is to automate cryptocurrency purchases on Binance, which inherently involves financial transactions and requires API keys with trading permissions. The `scripts/dca.sh` script correctly uses environment variables for `BINANCE_API_KEY` and `BINANCE_SECRET_KEY`, and all API interactions are with legitimate Binance endpoints (`api.binance.com` or `testnet.binance.vision`). The `SKILL.md` documentation provides clear instructions, strong security warnings (e.g., IP whitelisting, dedicated API keys, 'Spot Trading' only), and the prompt injection surface in the OpenClaw automation section is benign, instructing the agent to perform actions strictly within the skill's stated purpose. There is no evidence of data exfiltration to unauthorized parties, malicious execution, persistence mechanisms, or obfuscation.
- External report
- View on VirusTotal